PkgRadar

PyPI · pypi.org

kryth

Py Install Time Subprocess: subprocess call — process spawning.

Why PkgRadar flagged 2.4.0

SeveritySignalEvidence
mediumPy Install Time Subprocesssubprocess call — process spawning. · kryth-2.4.0/src/agent/browser-use/browser_agent/skill_cli/commands/setup.py
mediumPy Import Time Subprocesssubprocess call — process spawning. · kryth-2.4.0/src/agent/bridge/__init__.py
highPy Runtime Dynamic Dangerous ImportDynamic __import__('os') — reflection bypass for static checks. · kryth-2.4.0/src/agent/browser-use/browser_agent/skill_cli/python_session.py
highPy Import Time Network CallNetwork call (urllib/requests/httpx/http.client) at install or import time. · kryth-2.4.0/src/agent/bridge/__init__.py

Scanned versions

VersionVerdictScoreScanned (UTC)
2.4.0High risk1332026-06-08
2.3.0High risk1332026-06-08
2.1.0High risk482026-06-03
2.0.1High risk482026-06-03
2.0.0High risk482026-06-03
1.5.3High risk482026-06-03
1.5.2High risk482026-06-03
1.5.1High risk482026-06-03
1.5.0High risk482026-06-03
1.4.4High risk482026-06-03
1.4.3High risk482026-06-03
1.4.2High risk482026-06-03
1.4.1High risk482026-06-03
1.4.0High risk482026-06-03
1.3.9High risk482026-06-03
1.3.8High risk482026-06-03
1.3.7High risk482026-06-02
1.3.5High risk482026-06-02
1.3.4High risk482026-06-02
1.3.3High risk482026-06-02
1.3.2High risk482026-06-01
1.3.1High risk482026-06-01
1.3.0High risk482026-06-01
1.2.3High risk482026-06-01
1.2.2High risk482026-06-01
1.1.2High risk482026-06-01
1.1.1High risk482026-06-01
1.1.0High risk482026-06-01
1.0.9High risk482026-06-01
1.0.8High risk482026-05-31
1.0.7High risk482026-05-31
1.0.6High risk482026-05-31
1.0.5High risk482026-05-31
1.0.4High risk482026-05-31
1.0.2High risk482026-05-31
1.0.1High risk482026-05-31
1.0.0High risk482026-05-31

Block this in CI

PkgRadar gates kryth (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi kryth==2.4.0
Start free — 25 scans / moView full evidence